Home > Backend Development > PHP Problem > What functions in php can prevent SQL injection?

What functions in php can prevent SQL injection?

(*-*)浩
Release: 2023-02-25 08:36:01
Original
3351 people have browsed it

What functions in php can prevent SQL injection?

Don’t believe what the user enters during login, the user’s input needs to be processed

SQL injection: (Recommended learning: PHP programming from entry to proficiency)

' or 1=1 #
Copy after login

Several functions to prevent SQL injection:

addslashes( $string): Use backslashes to quote special characters in the string ' " \

$username=addslashes($username);
Copy after login

mysql_escape_string($string): Use backslashes to escape characters in the string Special characters, used in mysql_query() queries.

$username=mysql_escape_string($username);
Copy after login

mysql_real_escape_string($string): Escape special characters in strings used in SQL statements, taking into account the current character of the connection Set, you need to ensure that the current connection state can be used before using this function, otherwise a warning will be reported. Do not escape % and _

$username=mysql_real_escape_string($username);
Copy after login

For example:

<?php
 $clean = array();
$mysql = array();

$clean[&#39;last_name&#39;] = "O&#39;Reilly";
$mysql[&#39;last_name&#39;] = mysql_real_escape_string($clean[&#39;last_name&#39;]);

$sql = "INSERT
      INTO   user (last_name)
      VALUES (&#39;{$mysql[&#39;last_name&#39;]}&#39;)";
 ?>
Copy after login

The above is the detailed content of What functions in php can prevent SQL injection?. For more information, please follow other related articles on the PHP Chinese website!

Related labels:
php
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template